Principal Software Engineer – Authentication & Access

Hungary · Budapest, HungaryFull-timePosted Jul 8, 2026
Apply

Overview

One Identity's OneLogin is seeking a Principal Software Engineer to lead the architecture, correctness, and evolution of authentication and access systems across our platform. These systems are among the most security-critical and failure-sensitive areas of the product and require deep expertise in identity protocols, session management, and secure system design. 

 

As a Principal Engineer, you will operate with broad technical ownership—defining standards, guiding implementation, and resolving systemic issues across authentication flows, authorization models, and session behavior. You will work across teams to ensure that authentication systems are secure, reliable, and consistent, while evolving legacy implementations toward modern, scalable designs. While deeply focused on authentication and access, you will contribute broadly across the platform, applying this expertise to improve system design and reliability in adjacent areas. 

 

This is a hands-on role that includes system design, deep debugging of cross-service behavior, and driving modernization efforts in a complex distributed SaaS environment. You will also play a key role in mentoring engineers and raising the level of expertise in authentication and access across the organization. 

Responsibilities

Own the correctness, security, and consistency of authentication and access systems across the platform 

 

• Define and evolve authentication flows, authorization models, and session lifecycle patterns • Ensure protocol correctness and consistency across protocols (SAML, OAuth 2.0, OpenID Connect, etc.) • Establish and drive adoption of consistent authentication and access patterns across teams, ensuring alignment with defined standards   • Design and validate secure, state-machine-driven authentication workflows • Standardize handling of MFA, session behavior, and authentication edge cases • Identify and remediate legacy or inconsistent authentication implementations • Improve resilience and secure failure handling across authentication flows • Ensure consistent authentication and authorization behavior across services, APIs, and user entry points • Guide the evolution and modernization of authentication systems while maintaining backwards compatibility and correctness 

 

Ideal Experience: 

• Deep experience with authentication and identity protocols (SAML, OAuth 2.0, OpenID Connect, LDAP) • Strong understanding of session management, including lifecycle, invalidation, and behavior across distributed systems • Experience designing complex authentication flows and state-machine-driven workflows • Strong security engineering fundamentals, including secure system design and failure handling • Experience working with PKI, certificates, and secure communication patterns • Experience debugging complex authentication and session issues across multiple services • Experience remediating legacy or inconsistent authentication implementations • Experience modernizing authentication systems using incremental migration approaches • Strong ability to reason about correctness, edge cases, race conditions, and failure modes • Experience working across teams to drive consistency and correctness in a critical domain • Experience using AI tools to analyze flows, validate system behavior, and identify inconsistencies at scale

Qualifications

Software Engineering

  • 8+ years of software engineering experience with ownership of critical production systems, including authentication and access services.
  • Strong backend development experience (Ruby, Node.js, or similar).
  • Experience building and operating authentication, authorization, and API-based services in distributed environments.
  • Solid understanding of REST APIs, service contracts, and software design principles.

Quality Engineering

  • Experience building secure, reliable systems with strong testing practices across unit, integration, and service layers.
  • Strong ownership of code quality, validation, and handling complex scenarios.

Cloud & Production Systems

  • Experience building and operating services in AWS or similar cloud environments.
  • Good understanding of distributed systems, cloud-native architecture, and CI/CD.
  • Experience with observability, production debugging, and incident response.

On-Call & Reliability

  • Willingness to participate in a mandatory 24/7 on-call rotation.
  • Experience responding to production incidents and contributing to reliability improvements.

AI-Assisted Development

  • Experience using, or strong interest in, AI-powered development tools (e.g., GitHub Copilot, ChatGPT, Cursor).
  • Ability to evaluate and refine AI-generated code, specifications, workflows, and system designs.

Company Description  

One Identity enables organizations of all sizes to better secure, manage, monitor, protect, and analyze information and infrastructure to help fuel innovation and drive their businesses forward. With team members around the globe, we intend to continue to grow revenues and add value to customers.  

  

When you join our team, you will have the opportunity to build and develop products at a scale few others can provide. Our product portfolio serves a large base of customers and we are addressing the strategic imperatives for enterprise businesses. Working with some of the most talented employees the industry has to offer, we provide enhanced career opportunities for team members to learn and grow in a rapidly changing environment.

 

One Identity is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: One Identity is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at One Identity are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. One Identity will not tolerate discrimination or harassment based on any of these characteristics. One Identity encourages applicants of all ages.  

  

Come join us. For more information, visit us on the web at One Identity Careers | Explore Opportunities with the OI Team 

  

Job seekers should be aware of fraudulent job offers from online scammers and only apply to roles listed on quest.com/careers using our applicant system. Note: We do not use text messaging or third-party messaging apps like Telegram to communicate with applicants, so please exercise caution if you are approached in this way and only interact with people claiming to be Quest employees if they have an email address ending in @quest.com or @oneidentity.com

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free